import InstallNileAndNext from '/snippets/installnile.mdx';

## Overview

Email verification helps confirm user identities by requiring them to verify their email addresses before gaining full access. This is especially useful for preventing spam and unauthorized access.

When a user signs up, Nile Auth:

1. Sends a verification email using your configured SMTP server.
2. Generates a unique `verification_token` for the user.
3. Grants access to the user after they click the verification link.

## Prerequisites

- A configured SMTP server is required to send verification emails. You can set this up in the Nile Auth UI under **Tenants & Users -> Configuration -> Email templates**.
- A web server configured to handle Nile Auth requests and serve html.

## Implementation

<Steps>
  <InstallNileAndNext />
  <Step title="Middleware for Verification Enforcement">
    ```typescript
    import { Nile } from "@niledatabase/server";

    export const nile = Nile();

    app.use("verification-page", async (req, res, next) => {
      const me = await nile.users.getSelf(req.headers);

      if (!me.emailVerified) {
        return res.redirect("/force-verification");
      }

      next();
    });
    ```
    This middleware ensures that unverified users are redirected to a verification page.

  </Step>

  <Step title="Verification Button in the Frontend">
    ```typescript
    "use client";
    import { User } from "@niledatabase/server";
    import { EmailSignInButton } from "@niledatabase/react";

    export default function VerifyButton({ me }: { me: User }) {
      return <EmailSignInButton email={me.email} />;
    }
    ```
    This button allows users to trigger email verification manually.

    <iframe src="https://storybook.thenile.dev/iframe.html?args=&globals=&id=social-email--verify-email-address" width="100%" height="150px" className="rounded-md"/>

  </Step>

  <Step title="Sign-in via Email">
    You can also allow users to sign in directly using their email without requiring a password.

    ```typescript
    "use client";
    import { EmailSignIn } from "@niledatabase/react";

    export default function EmailLogin() {
      return <EmailSignIn />;
    }
    ```

    <iframe src="https://storybook.thenile.dev/iframe.html?args=&globals=&id=social-email--sign-in-with-email" width="100%" height="230px" className="rounded-md"/>

  </Step>

</Steps>

## **Verification flow**

1. The user inputs their email on the login/signup page.
2. Nile sends an email with a verification token using the configured SMTP settings.
3. The link exchanges the `verification_token` for an authenticated session.
4. Upon successful verification, the user can access the application.

## **Related Topics**

- [Email Templates](/auth/email/templates) - Customize email verification messages.
- [Custom SMTP](/auth/email/customsmtp) - Configure your own SMTP server for sending emails.
- [User Management](/auth/concepts/users) - Manage user accounts in Nile Auth.
